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DETAILED ACTION 

This is a response to Applicant's Amendments filed on December 14, 2007. 
Claims 1-10, 13-14, 17-22, and 27-42 were originally requested for continued 
examination. 

Claims 1-10, 13-14, 17-22, and 27-42 were rejected on October 3, 2007. 

Claims 1,19, 27, 30, and 32 were amended. 

Claims 1-10, 13-14, 17-22, and 27-42 are currently pending. 

Interview 

1. The indicated allowability of claims 1-10, 13-14, 17-22, and 32 in a telephone 
interview with Gerald Chan on February 27, 2008 for a proposed Examiner's 
Amendments are withdrawn in view of a previously cited prior art reference(s) to Canion 
et al. [US 2002/0108059 A1], hereinafter Canion. 

The subject matter initially thought allowable by the Examiner as discussed in the 
interview, regarding the first processor configured to perform filtering of the network 
traffic if the type of the network traffic content does not match the prescribed type, is 
actually taught by Canion. 

The premature indication of allowability is regretted. 
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Response to Arguments 

1 . Applicant's arguments, see Remarks, filed December 14, 2007, with respect to 
the rejection(s) of claim(s) 1 , and 1 9 under 35 USC 1 03(a) have been fully considered 
and are persuasive. The rejections of 1-10, 13-14, 17-22, and 32 under 35 USC 103(a) 
have been withdrawn. 

However, upon further consideration, a new ground(s) of rejection is made in view of 
previously cited art by Can ion et al. [US 2002/01089059 A1]. 

2. Applicant's arguments with respect to claims 27-31 , and 33-42 have been 
considered but are moot in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form 
the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(a) the invention was known or used by others in this country, or patented or described in a printed 
publication in this or a foreign country, before the invention thereof by the applicant for a patent. 

1. Claim 1-10, 13-14, 17-22, and 27-42 are rejected under 35 U.S.C. 102(a) as 
being anticipated by Canion et al. [US 2002/0108059 A1] hereinafter Canion. 
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Regarding claim 1 , Canion teaches a device for managing network traffic flow, the 
device comprising: a first processor [US 2002/0108059 A1, Pg 5, Par 0051 -"Network 
Interface Processing Engine"], the first processor configured to receive network traffic 
content [US 2002/01 08059 A1 , Pg 5, Par 0052], determine whether a protocol of the 
network traffic content matches a prescribed protocol of network traffic content that 
could contain content desired to be detected by comparing a type of the network traffic 
content with a prescribed type [US 2002/0108059 A1 , Pg 5, Par 0055 -"In conventional 
operation, a network process receives a packet from a port, verifies fields in the packet 
header, and decides on an outgoing port to which it forwards the packet." An "outgoing 
port" teaches a prescribed type. Network traffic content of the various prescribed types 
are received by their corresponding Transport/Protocol Processing Engine (Par 0060), 
and Application Processing Engine (Par 0074).], store the network traffic content in a 
stack when the protocol of the network traffic content matches the prescribed protocol 
[US 2002/0108059 A1 , Par 0077 -"Storage management engine may be any hardware 
or hardware/software subsystem suitable for effecting delivery of requested content 
from content sources in response to processed requests received from application 
processing engine." Par 0079, "Direct communication between storage processing 
engine and transport processing engine enables application processing engine to be 
bypassed with the requested content." Examiner notes that all secondary processors 
are associated with a stack.] [US 2002/0108059 A1 , Pg 8, Par 0080 -"Storage 
management engine may employ any suitable method for caching data, including ... 
FIFO." Examiner notes "caching" teaches storing of network traffic content in a stack for 
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the secondary processing engines. Secondary processing engines are associated with 
processing network traffic content when the protocol of the network traffic content 
matches the prescribed protocol.], and perform filtering of the network traffic if the type 
of the network traffic content does not match the prescribed type [US 2002/0108059 A1 , 
Pg 10, Par 0092 -"For example, if a content delivery system is configured only to accept 
HTTP requests, then other requests such as FTP, telnet, etc. may be rejected or 
filtered ." "This filtering may be applied directly at the Network Interface Engine."]; and a 
second processor associated with a stack [US 2002/0108059 A1 , Pg 6, Par 0060 -- 
"Transport/Protocol Processing Engine" reads on a secondary processor] [US 
2002/0108059 A1 , Pg 7, Par 0074 -"Application Processing Engine" also reads on a 
secondary processor.] [US 2002/0108059 A1, Pg 8, Par 0076 --All the processing 
engines are associated with the Storage Management Engine which contains the stack 
(Par 0081).], wherein the second processor is configured to determine whether the 
network traffic content contains the content desired to be detected if the type of the 
network traffic content matches the prescribed type [US 2002/0108059 A1 , Pg 19, Par 
0174 -"A security accelerator is programmed to receive packets from the network and 
to examine each packet to determine whether data in the packet represents a potential 
security violation." Examiner notes that data in the packet representing a potential 
security violation reads on content desired to be detected. Also based from the 
disclosed architecture, it is implied that the secondary processing engines (not the 
Network Interface Engine) perform the examination of the packets.]. 
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Regarding claim 2, Canion teaches the device of claim 1 , wherein the first processor 
comprises a general purpose processor [US 2002/0108059 A1, Par 0097 - "Pentium"]. 

Regarding claim 3, Canion teaches the device of claim 1 , wherein the first processor 
comprises an ASIC processor [US 2002/0108059 A1 , Par 01 19 - "ASIC"]. 

Regarding claim 4, Canion teaches the device of claim 3, wherein the ASIC processor is 
a semi-custom ASIC processor. It is official notice that semi-custom ASIC processors 
are well known in the art of utilizing ASIC processors. 

Regarding claim 5, Canion teaches the device of claim 3, wherein the ASIC processor is 
a programmable ASIC processor [The examiner notes that ASIC processors are 
programmable.] 

Regarding claim 6, Canion teaches the device of claim 1 , wherein the first processor is 
further configured to send the network traffic content to a user when the protocol of the 
network traffic content does not match the prescribed protocol [US 2002/0108059 A1 , 
Pg 5, Par 0052]. 

Regarding claim 7, Canion teaches the device of claim 1 , further comprising the stack 
[US 2002/0108059 A1, Pg 8, Par 0081] [US 2002/01 08059 A1 , Pg 14, Par 0138]. 
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Regarding claim 8, Canion teaches the device of claim 7, wherein the stack is 
implemented in the first processor or in the second processor [US 2002/0108059 A1, Pg 
8, Par 0081] [US 2002/0108059 A1 , Pg 14, Par 0138]. 

Regarding claim 9, Canion teaches the device of claim 8, wherein the stack is 
configured to store the network traffic content in accordance with the protocol of the 
network traffic content [US 2002/0108059 A1 , Pg 8, Par 0077-0078]. 

Regarding claim 1 0, Canion teaches the device of claim 1 , wherein the first or the 
second processor is further configured to assemble the at least a portion of the network 
traffic content with the rest of the network traffic content, and transmit the network traffic 
content to a user when it is determined that the network traffic content does not contain 
the content desired to be detected [US 2002/01 08059 A1 , Pg 1 9, Par 01 74-01 75 - 
Examiner notes that it is inherent to re-assemble the network traffic content after it has 
been examined by the security accelerator for delivery of network traffic content to the 
end user.]. 

Regarding claim 1 3, Canion teaches the device of claim 1 , wherein the second 
processor comprises an ASIC processor [US 2002/0108059 A1 , Par 01 19 - "ASIC"]. 

Regarding claim 14, Canion teaches the device of claim 1 , wherein the first or the 
second processor is further configured to flag the network traffic content when the 
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protocol of the network traffic content matches the prescribed protocol, and send the 
flagged network traffic content to the memory [US 2002/0108059 A1 , Pg 7, Par 0068]. 

Regarding claim 17, Canion teaches the device of claim 14, wherein the second 
processor comprises an ASIC processor [US Pub No. 2002/0108059 A1, Par 01 19 — 
"ASIC"]. 

Regarding claim 1 8, Canion teaches the device of claim 1 , wherein the content desired 
to be detected is selected from the group consisting of a virus, a worm, a web content, a 
Trojan agent, an email spam, and a packet transmitted by a hacker [US 2002/0108059 
A1 , Pg 19, Par 0174 -Examiner notes that data in the packet representing a potential 
security violation reads on group consisting of a virus, a worm, a web content, a Trojan 
agent, an email spam, and a packet transmitted by a hacker.]. 

Regarding claim 32, Canion teaches the device of claim 1 , further comprising the 
memory [US 2002/01 08059 A1 , Fig 1 C, 1 D, 1 E, 1 F]. 

Claim 19-22 are rejected because it contains similar subject matter as claims 1, 9, 10, 
and 14. 

Regarding claim 27, Canion teaches a device for managing network traffic flow, the 
device comprising: a first processor, the first processor configured to receive network 
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traffic content [US 2002/0108059 A1 , Pg 5, Par 0052], flag the network traffic content by 
inserting data or modifying a portion of the network traffic content [US 2002/0108059 
A1 , Pg 7, Par 0071], send the flagged network traffic content to a module [US 
2002/0108059, Pg 7, Par 0071], the module configured to pass unflagged data to a user 
[US 2002/01 08059 A1 , Pg 1 0, Par 0092 -Examiner notes that data pertaining to 
requests not supported/prescribed by the content delivery system's processing modules 
would have been unflagged. Such data are (filtered/screened or discarded at the 
Network Interface depending on built in firewall feature of Canion) passed to the user 
directly from the network interface engine.] and prevent flagged data from being sent to 
the user [US 2002/0108059 A1, Pg 10, Par 0092 -Examiner notes that data pertaining 
to requests supported/prescribed by the content delivery system's processing modules 
are passed to the corresponding processing module, hence reading on "preventing data 
from being sent to the user."], and send a copy of the network traffic content to a second 
processor [Sending flagged data to a corresponding secondary processing module 
reads on "sending a copy of the network traffic content to a second processor."], the 
second processor configured to determine whether the network traffic content contains 
content desired to be detected [US 2002/01 08059 A1 , Pg 1 9, Par 01 74 -"A security 
accelerator is programmed to receive packets from the network and to examine each 
packet to determine whether data in the packet represents a potential security violation." 
Examiner notes that data in the packet representing a potential security violation reads 
on content desired to be detected. Also based from the disclosed architecture, it is 
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implied that the secondary processing engines (not the Network Interface Engine) 
perform the examination of the packets.]; and the second processor. 

Regarding claim 28, Canion teach the device of claim 27, wherein the first processor is 
further configured to transmit the network traffic content to a user when it is determined 
that the network traffic content does not contain the content desired to be detected [US 
2002/0108059 A1 , Pg 1 1 , Par 0106 -Examiner notes Network Interface Engine is 
always responsible for delivering/fetching content to/from network/user.] [US 
2002/0108059 A1, Pg 19, Par 0177]. 

Regarding claim 29, Canion teaches the device of claim 27, wherein the module 
comprises a memory, a buffer, or at least a portion of a processor [US 2002/0108059 
A1, Fig 1C, 1D, 1E, 1F]. 

Claim 30, 31 is rejected because it contains similar subject matter as claim 27, 28. 

Regarding claim 33, Canion teaches the device of claim 27, wherein the first processor 
is configured to pass a portion of the network traffic content downstream before the 
second processor finishes processing the network traffic content [This claim is inherent 
since the unflagged portion of the network traffic content is passed downstream, while 
the flagged portion of the network traffic content is being analyzed/examined for 
"undesirable/malicious" content.]. 
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Regarding claim 36, Canion teaches the device of claim 27, wherein the first processor 
is configured to flag the network traffic content by modifying data associated with the 
network traffic content or by inserting data to the network traffic content [US 
2002/0108059 A1, Pg 7, Par 0071]. 

Claim 37, 39 is rejected because it contains similar subject matter as claim 33, 36. 

Regarding claim 40, Canion teaches a device for managing network traffic flow, the 
device comprising: a first processor, the first processor configured to receive network 
traffic content [US 2002/0108059 A1 , Pg 5, Par 0052], pass a first portion of the network 
traffic content downstream [US 2002/0108059 A1 , Pg 10, Par 0092 -Examiner notes 
that data pertaining to requests not supported/prescribed by the content delivery 
system's processing modules are (filtered/screened or discarded at the Network 
Interface depending on built in firewall feature of Canion) passed to the user directly 
from the network interface engine.], and pass a second portion of the network traffic 
content to a stack [US 2002/0108059 A1 , Par 0077 -"Storage management engine may 
be any hardware or hardware/software subsystem suitable for effecting delivery of 
requested content from content sources in response to processed requests received 
from application processing engine." Par 0079, "Direct communication between storage 
processing engine and transport processing engine enables application processing 
engine to be bypassed with the requested content." Examiner notes that all secondary 
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processors are associated with a stack.] [US 2002/0108059 A1 , Pg 8, Par 0080 - 
"Storage management engine may employ any suitable method for caching data, 
including ... FIFO." Examiner notes "caching" teaches storing of network traffic content 
in a stack for the secondary processing engines. Secondary processing engines are 
associated with processing network traffic content when the protocol of the network 
traffic content matches the prescribed protocol.] for allowing the second portion to be 
scanned for content that is desired to be detected [US 2002/0108059, Pg 7, Par 0071]; 
and a second processor that is configured to scan the second portion for the content 
desired to be detected [US 2002/0108059 A1 , Pg 19, Par 0174 --"A security accelerator 
is programmed to receive packets from the network and to examine each packet to 
determine whether data in the packet represents a potential security violation." 
Examiner notes that data in the packet representing a potential security violation reads 
on content desired to be detected. Also based from the disclosed architecture, it is 
implied that the secondary processing engines (not the Network Interface Engine) 
perform the examination of the packets.]. 

Claim 41 is rejected because it contains similar subject matter as claim 28. 

Regarding claim 42, Canion teaches the device of claim 40, wherein the first portion of 
the network traffic content is not scanned for the content that is desired to be detected 
[US 2002/01 08059 A1 , Pg 1 0, Par 0092 -Examiner notes that data pertaining to 
requests not supported/prescribed by the content delivery system's processing modules 
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would have been unflagged. Unflagged data reads on first portion of network traffic 
content. The unflagged data are not sent to the secondary processing modules to be 
scanned for the content that is desired to be detected.]. 

Regarding claim 34, Canion teaches the device of claim 27, wherein the first processor 
and the second processor are parts of a processor [US 2002/0108059 A1 , Par 0097 - 
Examiner notes employing processing modules capable of performing the function of 
more than one engine in a content delivery system.]. 

Regarding claim 35, Canion teaches the device of claim 34, wherein the processor 
comprises an ASIC processor [US Pub No. 2002/0108059 A1 , Par 01 19 - "ASIC"]. 

Regarding claim 38, Canion teaches the method of claim 30, wherein the second 
processor comprises an ASIC processor [US Pub No. 2002/0108059 A1, Par 01 19 — 
"ASIC"]. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to MARTIN JERIKO P. SAN JUAN whose telephone 
number is (571)272-7875. The examiner can normally be reached on M-F 8:30a - 
6:00p EST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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Examiner. Art Unit 2132 
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Supervisory Patent Examiner, Art Unit 2132 



